►
From YouTube: TGI Kubernetes 089: Tekton Pipelines
Description
Notes archived at https://github.com/heptio/tgik/blob/master/episodes/089/README.md
Content around Tekton starts about 20 minutes in.
Come hang out with Joe Beda as he does a bit of hands on hacking of Kubernetes and related topics. Some of this will be Joe talking about the things he knows. Some of this will be Joe exploring something new with the audience. Come join the fun, ask questions, comment, and participate in the live chat!
This week we will be looking at the Tekton CD project. This is an offshoot of KNative and one of the inaugural projects for the Continuous Delivery Foundation (CDF).
A
All
right
welcome,
welcome,
welcome
everybody,
happy
Friday
I
am
Joe
Beda
and
welcome
to
t
GI
kubernetes
for
those
not
in
the
know.
This
is
a
weekly
issue
live
stream
that
we
do
here
at
VMware.
We
talk
about
all
things.
Kubernetes
do
some
live
coding,
learn
some
stuff
together,
pick
a
topic
and
we've
been
doing
it
for
quite
a
while.
B
A
I
forget
to
say:
I'm
Joe,
Beda
I'm,
a
principal
engineer
here
at
vmworld
VMware
and
came
from
hefty,
oh
and
actually
helped
start
the
kubernetes
project
when
I
was
a
was
at
Google.
So
let
me
first
say:
oh
man!
Thank
you.
Everybody
for
saying,
hi
and
joining
in
like
Suresh
was
here
early
he's
joining
us
from
Hamburg.
Jason
is
in
the
Google
office
in
New.
York
thanks
for
staying
late,
Jason
and
Jason
is
actually
a
tech
town
contributor.
A
So
when
we
go
off
the
rails,
when
we
do
something
stupid,
Jason's
gonna
actually
help
get
us
back
on
track.
So
thanks
for
joining
us,
I
really
appreciate
that.
Let's
see
we
have
a
Malik
from
India
joining
from
the
VMware
office
in
Bangalore,
you
really
are
staying
up
late,
I'm
actually
gonna
be
in
India
next
week.
It's
the
first
time
I'll
be
out
there
in,
like
five
years,
I'm
gonna
be
hitting
visiting
some
customers
in
Mumbai
and
Delhi
and
then
and
then
visiting
the
the
Bangalore
office.
A
A
really
quick
trip
we'll
see
if
I,
if
I
stay
awake,
let's
see
Ola
from
Copenhagen
good
to
see
you
yatin
from
Virginia
Rory
from
Scotland.
That's
a
very
Scottish
name.
Rory
welcome!
Welcome,
Aled
from
from
Brisbane
Bristol
England
Shahar
from
atlanta
l'm
adi
good
to
see
you
Sandeep
Christy
MA
from
Strasbourg,
oh
whoa.
A
You
know
this
is
the
thing
that
always
catches
me
by
surprise
is
that
folks
are
really
coming
in
from
everywhere,
with
a
lolicon
from
Nigeria
as
just
super
crazy.
So
thank
you.
Thank
you.
Everybody
for
joining
us,
okay.
So
the
first
order
of
business
is
I,
moved
in
here
to
our
offices
and
VMware
in
Bellevue,
and
we
are
not
allowed
to
keep
beer
in
the
fridge.
A
So
let's
go
ahead
and
get
started
so
if
you
go
to
and
I
want
to
switch
to
my
screen
here,
if
you
go
to
TGI
Kyo
notes,
it'll,
take
you
to
this
hack
MD
here
and
I'll.
Go
ahead
and
I'll
put
this
in
in
here,
and
this
is
our
notes
for
the
episode
we
can
crowdsource
these
things,
and
so,
if
you
log
in
you
know,
please
be
nice,
don't
graffiti,
but
you
can
add
to
the
notes
if
there's
a
link
or
if
you
want
to
add
some
time
codes,
you
know
we
can
do
this.
A
I,
try
and
clean
these
things
up
check
them
into
our
github
repo.
After
the
fact,
and
so
everybody
should
feel
free
to
get
involved.
There.
I
have
a
lot
of
stuff
that
I
want
to
talk
about
before
we
get
started
so
I'm
gonna,
try
and
move
through
this
stuff
really
fast
and
I'm,
not
gonna
click
on
every
link.
A
So,
okay,
so
last
week
we
didn't
have
an
episode,
because
I
and
pretty
much
everybody
was
down
in
was
down
in
in
San
Francisco
for
VMworld,
and
we
made
a
lot
of
kubernetes
announcements
down
there
and
the
first
thing
that
we
talked
about
was
being
worked
on
zoo
and
I'm
wearing
the
t-shirt,
it's
kind
of
our
Ironman
t-shirt.
We
got
that
on
the
back
and
on
the
front
logo
on
the
back,
so
Thanh
Zhu
is
our
overarching
sort
of
portfolio
of
products
related
to
kubernetes
and
modern
applications.
A
It's
just
a
way
for
us
to
give
a
name
so
that
when
we
talk
to
customers,
when
we
talk
to
folks,
we
can
talk
about
the
entire
experience
that
we're
providing
not
just
specific
products,
and
so
that's
something
that
we're
super
excited
about.
I'm,
not
going
to
click
through
all
the
links
here,
but
we
have
something
that
introduces
Thanh
Zhu
in
general,
but
then
we
really
break
this
down
around.
What
we're
talking
about
as
as
build
run,
manikins
build
is
how
do
you
build
and
run
applications?
How
do
you
manage
and
deploy
those
applications
manages?
A
A
Tansu
itself,
is
a
name.
There's
tendu
with
a
Z
is
actually
Swahili.
I
understand
it
means
sort
of
like
branch
and
so
I
think
you
know
the
connotation
of
like
hey
branching
out
in
a
new
direction
is
really
really
fun
and
then
tansu
with
an
S
is
a
Japanese
word
for
a
traditional
Japanese
cabinet
that
was
actually
built
to
go
on
the
back
of
horse
carts
or
on
ships
or
whatever,
so
it's
flexible
and
durable,
and
so
it's
like
a
portable
container,
which
is
actually
kind
of
cool.
A
So
that's
where
the
town
zoo
name
actually
comes
from
there
and
then
and
I
see
that
folks
are
already
asking
questions
about
actually
deploying
and
installing
a
Tecton
which
is
awesome,
definitely
go
for
it
and
then
there's
one
thing
that
I
did
want
to
call
out
here.
Is
we
introduced
this
thing
called
kubernetes
Academy
and
we're
really
excited
about
this
and
we
even
got
a
cool
domain
kubernetes
dot
Academy,
and
this
is
a
bunch
of
learning
resources
to
start
getting
into
kubernetes,
and
you
know
so.
A
The
reception
here
has
been
great
and
a
lot
of
folks
have
reached
out,
saying:
hey
you
know:
can
we
actually
help
build
this
up
and
actually
get
involved
with
this,
and
so
we're
definitely
looking
to
make
this
to
be
a
more
community.
Curated
resource
really
excited
about
it,
and-
and
we
want
this
to
be
vendor-neutral
so,
like
you
know,
I'll
talk
about
towns
who
I'll
talk
about
Pacific,
but
I
think
you
know
from
our
point
of
view.
The
more
people
can
understand
and
be
effective
in
kubernetes
like
the
better.
A
It
is
for
everyone,
and
so
we're
really
viewing
this
as
a
that's
something
that
stretches
across
all
that
and
I
think
also
like
we're.
You
know
we
we
have
some
of
the
TGI
K
stuff
going
on
here.
Also
so
so
you
know
you
can
find
the
link
to
that.
So
we're
trying
to
sort
of
make
that
part
of
the
the
larger
footprint.
So
that's
super
exciting,
ok,
other
stuff
we
got
to
go
on
so
1.16
is
coming
up
and
there's
gonna
be
some
api's
removed,
some
deprecated
API
s.
A
We've
talked
about
this
before
a
valley
wrote
a
great
blog
article
about
it,
if
you're
not
ready
for
this
and
if
you're
just
like
on
cruise
control,
this
may
catch
you
by
surprise,
and
so
it's
something
that
you
should
be
aware
of.
The
cube
con
cloud
native
con
schedule
is
up
really
exciting.
If
you
follow
sort
of
kubernetes,
twitter
you'll
see
that
there's
a
lot
of
people
go
and
yeah
and
a
lot
of
people
very
disappointed
that
through
talk
didn't
get
it
accepted
it's
it's
always
hard
to
do
these
things.
A
Bryan
Liles,
one
of
our
colleagues
here
at
VMware,
was
on
the
the
program
committee
and
I
think
it
was
something
like
like
you
know.
Only
10%
of
the
submissions
were
accepted.
So,
but
it's
looking
like
an
incredibly
strong
set
of
talks.
It's
going
to
be
a
really
exciting
conference.
Tickets
are
still
available
and
I
think
if
you
get
in
early
there's
still
a
way
to
save
money,
there's
still
an
early
early
ticket
price.
This
is
gonna,
be
down
in
San
Diego.
A
If
you
did
not
have
a
talk
accepted
or
if
you
can
travel
at
San
Diego
early,
there
is
the
rejects
conference,
and
this
was
been
put
on
by
the
kinfolk
folks,
but
I
know
I,
think
they're
there,
the
main
sort
of
sponsors
and
coordinator
there,
but
this
is
really
a
fun
event.
So
this
is
really
just
folks
that
are
like
hey.
We,
you
know,
I
had
an
awesome
talk,
it
didn't
get
accepted.
A
This
is
essentially
an
is
like
an
extended
cube
con
where
a
lot
of
these
talks
that
that
that
didn't
get
accepted
can
gather-
and
this
is
really
community-
draw
around
grassroots.
It's
really
fun
to
actually
see
this
come
together.
So
huge
fan
of
the
rejects
conference
and
what
they're
doing
there
I
don't
know.
I'm
gonna
have
to
see
if
I
can
actually
get
in
early
and
be
able
to
do
that.
A
I,
don't
think
I've
bought
all
my
tickets
yet
and
then,
if
you're
a
contributor
or
would
like
to
be
a
contributor,
then
we
have
the
contributor
summit,
and
so
this
is
this
is
for
folks
not
just
using
kubernetes
but
actually
helping
to
make
kubernetes
better
and
there's
really
two
tracks
to
this
and
george,
who
actually
know.
George
hasn't
been
super
involved.
This
time
Paris
and
the
contributor
experience.
A
Let's
see
so
at
CD
3.4
is
come
in
announced,
which
is
super
exciting,
so
really
great.
To
see
that
this
is
you
know,
development
and
Etsy
D
is
continuing
to
pick
up
and
I
think
what
we've
seen
is
an
effective
handoff
from
Etsy
D
from
being
a
core
OS
RedHat
thing
to
something
that
is
really
being
community
driven
for
me.
It's
really
great
to
see
that
you
know
folks
can
often
move
around
the
industry
between
different
companies,
but
they
can
also
continue
to
essentially
invest
in
project
like
Etsy,
D
and
I.
A
Think
you
know,
and
looking
at
this
from
the
point
of
view
of
the
CNC
F
scene,
project
sort
of
transcend
that
sort
of
vendor
focus
is
really
really
good
and
so
and
there's
a
lot
of
improvements
coming
in
at
CD
3.4.
That
I
was
really
going
to
help
with
kubernetes
scalability
and
efficiency.
So
there
we
go,
and
so
here's
a
here's,
a
big
summary
snapshot,
a
blog
post
on
that
cluster
API.
We're
big
fans
of
cluster
API
here
at
VMware,
putting
a
lot
of
work
into
that
view.
A
Yes,
a
lot
of
improvements,
a
lot
of
lessons
learned
there
and
then
duffy
says
that
at
CD
3.4
will
likely
merge
in
with
kubernetes
1.17
and
so
something
to
look
forward
to
there
and
so
cluster
API
stuff
is
making
progress
really
great
to
see
that
moving
forward
the
end
point
slice
API
is
coming
in
1.16.
This
is
not
something
that
I've
dug
into
so
I
have
not
there's
a
cap
on
this.
That
goes
into
this.
My
assumption
here,
I,
haven't
I,
need
to
learn
about
this.
A
A
Yeah,
but
this
is
not
something
I've
looked
at,
so
this
is
actually
exciting
to
see.
Endpoints
continue
to
move
forward.
One
of
the
things
we
don't
have
here,
but
I'm
really
excited
that's
landing
in
1.16,
is
dual
stack.
Support.
I
was
I
was
down
at
a
thing
in
San
Francisco
yesterday,
talking
with
Tim
Hawken,
who
leads
sig
networked
super.
A
A
Trying
to
remember
who
else
was
was
really
driving
this
from
from
Microsoft,
but
working
with
Tim
in
the
community
to
be
able
to
take
like
we
made
a
mistake
early
on
with
kubernetes
with
things
like
pod
definitions,
where
we
only
assumed
that
there
was
going
to
be
one
IP
address
one
interface
and
essentially
pluralizing
all
the
networking
resources
across
all
of
the
resources
and
figuring
out.
How
do
we
gracefully
actually
move
from
the
old
and
the
new
different
ways
of
representing
these
resources?
A
Lots
of
tricky
API
issues
there
to
make
that
happen,
but
that
work
is
finally
landing.
It's
been
an
enormous
amount
of
work,
and
so
that's
actually
really
cool
to
see
that
happening.
I'm
such
you
know,
networking
related
here,
let's
see
an
overview
of
cron
jobs
from
I
know.
I
don't
want
to
pay
for
for
a
medium,
so
this
looks
really
interesting
using
kittens.
So
it's
a
hadn't
seen
this.
A
Yet
this
is
super
cool
and
I
think
to
be
interesting
to
look
at
sort
of
cron
jobs
versus
some
of
the
pipeline
stuff
and
how
these
relate
as
we
look
at
Tecton
great
primer
of
kubernetes
on
the
edge
talking
about
some
of
the
some
of
the
things
to
think
about
here.
Edge
infrastructure
versus
edge
devices
versus
sensor
is
different,
like
ways
to
deploy.
A
Kubernetes
I
haven't
looked
at
this
too
closely
I'm,
hoping
that
folks
aren't
suggesting
that
you
connect
nodes
over
way
on
links
because
I
think
that's
a
bad
idea,
but
given
any
security
on
it,
let's
see,
and
so
yet
so,
Tim,
I
and
I
believe
hall
will
be
giving
a
keynote
at
coop
con
about
the
dual
stack
support.
So
so
that's
super
excited
exciting
to
see
that
stuff
coming.
A
A
A
And
you
know,
and
one
of
the
questions
that
came
up
was
like
hey:
what's
up
with
kubernetes
security,
and
you
know
and
and
I
think
trying
to
remember
who
it
was
I
think
it
was
was,
was
Tim
who's
like
well,
you
know,
security
is
not
a
binary
thing,
it's
really
a
journey,
and
so
you
know
I'm
really
excited
to
see
us
that
were
continued
to
invest
in
kubernetes
security
and
improving
things
and
then
for
those
who
are
part
of
the
community.
The
kubernetes
election
is
underway.
A
This
is
for
the
kubernetes
steering
committee,
which
essentially
helps
to
guide
a
lot
of
the
governance
structure
of
kubernetes.
So
there's
a
post
here
in
our
this
is
a
Google
Groups
thing
that
George
sent
out
he's
helping
to
run
the
run
this
about
the
schedule
and
how
this
stuff
works.
So,
if
you're
a
contributor
to
kubernetes.
This
is
something
you
should
be
aware
of,
and
you
know
it's
a
way
for
you
to
to
make
sure
that
you
know
you
have
your
influence
in
terms
of
the
direction
of
where
kubernetes
is
going.
A
B
A
I'm
doing
purple,
monster,
Brian
and
then
and
then
and
then
Duffy
just
added
this
thing
talking
about
how
does
Cube
control
exec
work
in
detail
which
looks
really
exciting,
because
this
is
one
of
the
more
complicated
flows
with
things
like
like
I'm
sure,
like
you
know,
we're
doing
like
WebSockets
and
stuff
like
that
and
speedy
and
stuff
like
that.
So
that's
looks
like
a
really
cool,
in-depth
analysis
there,
all
right
all
right.
A
So
that's
me
getting
through
the
notes
really
fast
trying
to
get
through
this
as
much
as
possible
so
that
we
can
dig
in
detect
on
a
lot
of
news
to
catch
up
on
both
between
cube,
con
and
and
the
stuff
coming
in
1.16
and
the
stuff
that
we're
excited
from
the
from
the
VMware
point
of
view.
So
hopefully,
if
you
want
to
dig
into
any
more
of
that,
the
links
are
in
the
notes.
A
A
Jason
is
is
on
the
line
here
in
the
comments
helping
us
out
and
and
Christy
also
both
tectonic
contributors,
and
so
they
can
correct
me
when,
when
I
get
this
stuff
wrong,
so
Tecton
is
kind
of
a
spin-off
of
the
key
native
project
and
soak
a
native
originally
was
really
essentially,
let's
break
down
the
the
serverless
experience
into
into
a
bunch
of
component
pieces
and,
and
one
of
those
pieces
was
how
do
we
build
and
deploy
another
woman
was.
How
do
we
do
like
zero
to
one
auto
scaling?
A
How
do
we
do
like
things
like
build
packs
things
like
eventing?
These
are
all
things
that
sort
of
make
up
sort
of
serverless
and
instead
of
viewing
this
as
sort
of
one
monolithic
project.
Candide
have
always
saw
these
things,
that's
largely
separable
and
the
build
stuff.
Some
of
the
build
stuff
was
so
separable
that
it
actually
got
split
out
into
a
separate
project,
or
at
least
you
know,
inspired
a
separate
project
but
turned
into
Tecton
and
Tecton
itself
is
not
part
of
the
CN
CF.
A
It's
part
of
this
other
foundation
called
the
CDF,
the
continuous
delivery
foundation.
There
has
been
some
hand-wringing
and
and
drama
around
sort
of
CDF
versus
CN
CF,
but
at
the
end
of
the
day,
I
think
it's
a
great
sign
to
see.
Google
continue
continue
to
contribute
at
least
some
open
source
projects
into
a
foundation
so
that
we
can
make
sure
that
there's
a
continued
community
ownership
of
these
things
over
time.
So
it's
really
cool
to
see
that
happen.
A
No,
but
like
I
think
you
know
it's
still
one
of
those
things
where
the
pretty
page
isn't
up
yet
and
all
all
the
real
nitty-gritty
is
happening
in
the
github
in
the
github
repo,
let's
see,
and
so
there's
a
there's,
an
org
and
look
oh
look
like
there's
like
a
CLI
and
stuff
and
triggers
and
dashboard,
but
the
main
thing
I
think
is
the
pipeline
repo.
It
looks
like
so
yeah
I
haven't
seen
all
this
yet
so
I'm
still
figuring
all
this
out,
so
I
am
relatively
new
to
this.
A
A
A
So
you
know
to
two
new
things
together,
but
but
we'll
learn
and
then
set
saying
just
got
this
running
with
proud
triggers
a
few
weeks
ago,
Jason
was
awesome
and
helping
me
to
wire
it
in
go
tech
on
awesome.
So
that's
that's.
What
I
love
to
see
is
that
these
things
actually
become
part
of
solution
versus
being
like.
A
Here's
like
the
whole
thing,
and
so
I
love
to
see
that
hey
these,
these
things
can
wire
in
okay,
so
I
have
a
kind
cluster
up
and
running,
so
I
can
do
kind
yet,
and
one
of
the
things
that
I
was
trying
to
dig
into
is
that
Tecton
is
a
pipeline
for
being
able
to
do
CI,
CD
types
of
stuff.
One
of
the
things
that
you
do
a
lot
of
times
with
with
with
pipelines,
is
that
you'll
have
one
stage
of
your
pipeline:
produce
an
artifact
and
you'll.
A
Have
another
stage
of
the
pipeline
consume
that
artifact
and
to
do
that
you
need
storage,
and
so
you
know
and
we'll
get
into
the
install
instructions.
But
it
looks
like
in
terms
of
artifact
storage,
Tecton
supports
either
persistent
volumes
or
being
ated
upload
to
a
google
cloud
storage
bucket
and
and
since,
like
I'm
Ellie
kind
and
volumes
is
something
that
I'm
still
learning
about
I
think
it
works
well
as
long
as
you're
using
a
single
node.
A
A
Guess,
oh
well,
so
we
have
a
cluster
I
can
do
docker
PS!
You
can
see
that
it's
a
single
cluster
and
then
I
can
do
Cube
control
get
nodes.
There
we
go.
This
has
been
running
for
about
four
hours.
Oh
my
new
kind
get
nodes.
Okay,
so
it
just
gives
you
the
name.
Alright.
Well,
anyways.
We
got
a
cluster
up
and
running
we'll
see
if
we
hit
our
head
up
against
anything.
A
Hopefully
this
will
work
well
and,
and
James
was
saying
that
he's
he's
got
kind
working
with
a
with
with
Tecton,
so
we
should
be
good
there,
alright,
so
there
we
go
so
now,
like
I'm
gonna,
be
like
hey
here:
let's
install
it
so
I'm,
just
we're
gonna
go
through
this
together.
The
first
thing
you
need
is
root
or
cluster
admin
on
your
cluster.
A
If
you're
running
on
gke,
this
can
be
a
little
bit
complicated,
with
the
way
that,
like
gke
authentication
like
intersects
with
our
vac,
and
so
you
may
have
to
actually
do
some
of
this
type
of
stuff,
but
we
already
have
a
cluster.
So
we
don't
need
to
do
that
and
then
the
first
thing
that
we
do
is
we
can
go
ahead
and
actually
apply
it
and
we're
going
to
be
doing
a
cube.
A
A
B
A
A
A
A
All
right
and
then
we
have
a
service
account
in
the
Tecton
pipelines
and
a
role
binding
of
that
to
the
admins
okay,
so
we're
essentially
creating
a
cluster
admin
role
account
in
the
Tecton
pipelines.
So
this
is
something
that
I
always
have
a
hard
time
with.
Is
that,
like
I,
would
love
to
see
a
way
for
these
things
to
be
installed
in
a
sort
of
more
localized
way?
It
always
scares
me
when
I
see
like
oh
hey.
We
have
a
we're
installing
a
service
account
that
gets
routed
across
everything.
A
It
makes
me
feel,
like
you
know
like
we're,
creating
another
tiller
now,
not
that
we
are
but,
like
you
know
it's
it's
something
that
always
gives
me
a
little
bit
of
pause,
and
then
we
have
a
bunch
of
resource
definitions,
I
like
to
see
the
resource
definitions
being
installed
via
the
ammo
versus
actually
being
installed
on
first
run,
because
I
think
that
means
that
you
can
take
those
permissions
away
later
and
then,
let's
see,
and
then
we
have
another
couple
cluster
roles.
We
have
a
service
with
a
pipelines
controller.
A
Okay,
then
we
have
a
config
map,
artifact
buck
bucket
and
artifact
PVC.
Do
we
want
to
install
both
of
those
things
or
do
we
want
to
actually
install
one
they're,
both
null
and
then
Tecton
default
with
a
default
timeout
and
then
a
config
map
for
Tecton
pipeline?
So
we
have
a
bunch
of
like
config
II
stuff
going
on
here.
A
A
A
Is
that,
like
things
like
sto
or
Tecton,
or
you
know,
these
things
can
be
complicated
enough
to
config
themselves
that
you
end
up
with
sort
of
a
bootstrap,
install
or
operator
that
gets
install
that
then
configures
the
larger
system,
which
is
really
interesting,
and
then
that
start
to
overlap
with
well,
you
use
hammer
to
use
an
operator
to
use
helm,
install
to
get
operator
and
then
whatever
so
Flamel,
yes,
lambo,
that's
our
new
term
when
you
just
slam
the
amal
in
so
a
lot
going
on
here.
Alright,
I'm
gonna!
Do
we
do
cap?
A
A
A
A
F,
that
was
the
flag
guys
looking
for
alright
and
so
here
yeah.
So
this
gives
us
a
summary
of
all
the
stuff
that
we're
gonna
be
deploying
Oh.
Mr.
Windsor
how's
it
going
so
Michael
here
is
actually
the
product
manager,
at
least
one
of
the
product
manager
over
had
people
for
Tecton
and
Michael
and
I
worked
together
back
in
the
day
on
Internet
Explorer,
so
I
started
my
career
here.
A
Working
with
Michael,
and
so
he
has
a
long
and
industrious
and
interesting
career
alright.
So
this
shows
us
what
we're
doing
so:
we're
creating
a
bunch
of
C
RDS
we're
creating
some
cluster
roles,
a
name
space,
pod
security
policy,
a
lot
of
really
interesting
stuff
and
then
a
bunch
of
like
configs
going
on
here.
So
let's
just
go
ahead
and
we're
going
to
slam
this
in.
A
I'll
drink
my
purple
drink
ermahgerd,
that's
right!
The
whole
team
is
there,
so
always
Kim
part
of
the
part
of
the
team.
Also,
alright.
So
there
we
go
cube,
control,
get
namespaces
and
we
now
have
Tecton
pipelines
and
we're
off
to
the
races
here,
and
so
now
you
see
why
I
like
cap,
isn't
that
cool
that's
much
better
than
cube
control
apply.
It
gives
you
all
this
stuff
and
then
actually,
when
you
do
a
further
deploy,
it
actually
tells
you.
A
It
also
tells
you
what
the
diffs
are,
so
that
you
actually
have
a
much
better
idea
of
what's
going
on
alright,
so
we're
not
going
to
do
the
operator
we'll
skip
that
for
now,
so
we
got
that
going
on
and
then
we
talked
about
resources
and
artifacts.
How
do
you
share
what
artifacts
between
things,
and
so
so
we
have
to
configure
a
persistent
volume,
and
so
when
looking
through
the
amel
here
and
I
and
so
to
be
clear,
like
I,
think
the
install
instructions
could
be
clear
here.
A
I
think
I
know
what
I'm
doing,
but
I
think
what
I
can
do
here
is
I
can
find
there's
a
config
map
here
for
the
artifact,
so
it
says
create
one
called
config,
artifact
PVC
here
and
then
the
data
right.
Now,
it's
no,
but
it's
saying
that
I
you
want
to
create
size,
five
gigabytes
in
the
storage
class
name,
so
I
think
I
can
do
size.
A
Built
into
kind
as
a
standard
is
what
we
have
here.
So
if
I
do
that,
then
I
think
we're
good
to
go
and
now,
if
I,
do
they
like
the
cap
deploy
again
now,
it's
like
hey
here's,
what's
gonna
change
and
it
says:
okay,
we're
changing
the
artifact
and
then
oh.
This
is
interesting.
That
thing
it
thinks
it's
going
to
do
an
update
to
the
controller
in
the
webhook
and
I
wonder
what
those
updates
actually
look
like.
We
do
like
a
deep
diff
I.
A
A
A
It's
cap
becoming
a
standard
cubic
tool.
I,
don't
think
so.
I
mean
like
cap
is
really
I.
Would
love
to
see
more
folks
start
to
use
cap
because
I
think
it
does
provide
a
better
experience,
but
you
know
I'm
not
sure
how
much
interaction
has
been
between
that
team
and
that
and
the
six
CLI
cute
control.
A
Folks
I
think
this
stuff
will
also
get
interesting
with
server-side
apply,
which
is
this
whole
other
probably
too
deep
to
go
to
right
now
about
sort
of
like
how
do
we
actually
deal
with
merging
changes
from
different
places
into
it
into
a
single
resource,
all
right
cool,
so
we
got
that
up
and
running
so
did
I.
Do
the
right
thing
there
in
terms
of
being
able
to
you
know
the
Tecton
team
and
in
terms
of
being
able
to
configure
that
I
guess
we'll
see
as
we
go,
but
hopefully
that
was
the
right
thing
to
do.
A
Alright,
so
now
I
think
we
got
things
set
up,
but
what
did
we
set
up?
I
think
that's
the
big
question.
So
we're
gonna
go
through
the
tutorial
here.
Actually
so
before
we
go
to
tutorial
I.
Just
looked
at
the
docs,
and
this
is
the
thing
that
I
think
or
let's
read
this
okay,
so
Tecton
pipelines
are
cloud
native.
A
They
run
on
kubernetes
kubernetes
cluster
as
a
first-class
type
and
then
use
containers
this
building
blocks
so
that
all
sounds
great
I
think
not
just
cloud
native
but
kubernetes
native
in
terms
of
working
with
things
like
our
back
and
namespaces,
and
all
that
instead
of
working
against
it
pipelines
are
decoupled.
So
you
can
use
one
pipeline
to
can
deploy
to
any
kubernetes
cluster.
A
So
you
can
have
your
test
deploy
thing
and
that
can
deploy
to
your
production
cluster,
so
you're
not
necessarily
running
a
bunch
of
your
sort
of
build
deploy
infrastructure
on
the
same
cluster
that
you're
actually
running
your
workloads
on
I.
Think
one
of
the
things
that
I
think
from
the
point
of
view
of
sort
of
like
original
kubernetes
folks.
That
caught
us
by
surprise
is
that
you
know
inside
of
Google.
A
Board
clusters
are
huge
and
they're
centrally
managed
by
by
Borgess
re
and
they're,
very
much
sort
of
multi,
tenant
or
team,
at
least
across
all
the
users,
and
so
you'll
have
search
running
next.
To
Gmail
running
next
to
MapReduce
running
next
to
machine
learning,
all
those
things
will
will
be
running
on
the
same
cluster
and
creating
a
new
board.
Cluster
was
like
essentially
buying
a
building,
and
so
it
was
a
big
thing.
But
as
we
move
to
cloud
as
we
build
kubernetes,
the
original
assumption
with
kubernetes
is
again.
A
A
And
so
we
moved
from
a
world
inside
of
Google,
where
you
have
these,
like
big-ass
clusters
to
a
world
where
clusters
tend
to
be
more
single-purpose
and
and
so
or
at
least
they
can
be,
and
so
people
definitely
view
clusters
is
more
immutable
and
so
I
think
we're
starting
to
see
that
the
tools
are
adapting
to
deal
with
this
Multi
cluster
world
and
I.
Think
the
fact
that
the
Tecton
works
cross
cluster
is
a
great
example
of
that.
So
Jeffrey
says
a
cap
like
providing
lots
of
insights
like
terraform,
yeah
yeah.
So
that's
why
I?
A
Like
cap-
and
we
did
I-
did
an
episode
on
cap
a
little
while
ago
and
ytt,
which
is
a
templating
solution.
That
is,
is
complimentary,
so
that's
cool,
okay
and
then
Tecton
pipelines
are
type.
So
the
concept
of
type
resources
mean
that
any
that
for
a
resource
such
as
image,
implementations
can
easily
swapped
out
I'm
interested.
Is
this
using
some
of
the
sort
of
duck
typing
stuff
that
is
sort
of
more
endemic
of
Kay
native
I'd
love
to
hear
and
see
more
about
that
all
right?
And
then
as
we
go?
A
And
if
we
just
look
at
the
the
docs
I,
look
at
Doc's
at
head
looks
like
the
main
objects
whenever
I'm
looking
a
system
like
this
I'm
like
what
are
the
nouns.
So
the
nouns
we
have
here
if
we
have
pipelines
and
pipeline
runs
so
a
pipeline
is
just
a
thing
that
can
be
triggered
and
it
runs
to
completion.
A
So
it's
kind
of
a
little
bit
like
a
task,
but
it's
more
complicated
than
that
and
Jason's
saying
that
this
does
use
some
of
the
duck
typing
or
Christy
is
also
saying
that
using
some
of
the
key
native
packaged
stuff
and
shared
lives
and
in,
but
they
want
to
do
more
in
the
future.
So
yeah,
the
duck
typing
stuff
is
super.
Interesting
I
think
it's
really
really
cool
and.
A
Might
be
worth
doing
an
episode
on
on
that,
okay,
or
at
least
you
know,
I
did
have
pointed
out
like
I,
think,
veal,
a
and
and
and
I
don't
know.
Who
else
did
a
talk
on
duck
typing
at
the
last
cubic
on
and
then
there's
tasks,
which
are
the
individual
things
that
are
part
of
a
pipeline,
cohesive
and
loosely
coupled
and
then
you
have
tasks
runs
tasks
can
depend
on
artifacts
and
parameters
created
by
other
tasks.
A
So
it
seems,
like
tasks,
are
kind
of
like
a
kubernetes
job,
but
with
sort
of
more
interface,
information
about
inputs
and
outputs,
and
then
pipelines
are
a
thing
that
string
together
a
bunch
of
tasks.
Then
tasks
can
be
invoked
via
tasks
runs
and
then
pipeline
resources
are
those
artifacts
that
get
pushed
around
between
them
and
then
there's
like
how
to
create
a
new
pipeline
and
well,
let's
go
through
the
tutorial,
because
I
think
this
is
the
sort
of
much
more
detailed
but
I.
A
A
A
Metadata
spec
have
a
set
of
steps,
name,
image
command
and
arc,
so
this
is
like
a
simplified
pod
template.
So
one
of
the
questions
that
I
have
here
is,
is
you
know
we
did
things
with
pods
that
you
could
have
multiple
containers
working
together.
As
we
look
at
things
like
this,
do
we
have
a
way
to
actually
sort
of
implement,
sidecars
or
initializers,
or
that
type
of
thing
with
this
and
so
like?
A
If
you
look
at
something
like
Sto,
a
steel
will
run
a
web
hook
for
being
able
to
inject
sidecars,
and
so
you
can
definitely
have
like
a
an
admission
controller
mutating.
The
mission
controller
that
can
inject
a
sidecar
for
you
in
a
transparent
fashion,
but
I
think
there's
times
when
you
want
to
sort
of
manually
inject
the
sidecar
as
part
of
sort
of
your
buildconfig
pipeline,
also,
instead
of
actually
having
something
doing
that
at
run
time
and
so
Jason
saying,
okay,
sidecar
support
just
LAN,
you
can
specify
sidecars
siblings,
two
steps.
Okay,
so
that's
interesting!
A
So
then,
there's
a
recognition
that
you
have
sort
of
your
your
main
container
and
then
you
have
a
bunch
of
sidecars,
whereas
I
think
kubernetes
in
general.
When
you
look
at
a
pod,
there
is
no
idea
of
the
main
container.
All
containers
are
kind
of
equal
in
that
in
that
level,
I
think.
Maybe
it
would
be
interesting
to
think
about
like
what
would
it
look
like
if
we
did
define
the
idea
of
a
main
container
in
kubernetes
pods?
What
would
that
actually
help
us
with,
but.
A
For
something
like
tacked-on,
where
you
want
to
actually
be
able
to
judge
it's
much
easier
to
judge
success
and
failure
and
stuff
like
that,
startup
shot
down
like
the
sidecar
kind
of
runs
forever.
But
you
know
hey
when
the
main
container
shuts
down,
then
you
probably
want
to
pull
down
and
actually
declare
that
the
task
is
done
so
yeah
there's
some
sticky
issues
with
expect
to
sidecars
and
things
like
jobs
for
sure,
okay,
so
Jason's
saying
that
we
can
do
some
of
that.
So
alright,
so
this
is
just
gonna.
A
A
A
So
that's
actually
cool
alright,
where
you
assume
that
you're
using
the
same
footprint
sharing
stuff
between
these
things
is
really
easy,
whereas
sharing
stuff
between
different
tasks
will
be
much
more
heavyweight
and
you'll
see
a
lot
more
composability
between
tasks
than
within
a
task
I'm
assuming
okay
cool.
Let's
see
so
there
we
go.
We
got
that
and
then
a
task
run
runs
the
test.
You
defined
here's
a
simple
example.
A
A
A
Okay
pipelines
are
how
you
do
multiple
parallel
task
runs.
Okay,
so
that's
how
you
start
doing
sort
of
the
graph
on
this
stuff.
Well,
look
at
that
Michael's
like
delegating
already
okay,
yeah
I
mean
how
you
actually
do.
The
sequential
stuff
within
a
pot
is
gonna,
be
interesting.
I'm
definitely
gonna
be
looking
at
that.
Okay,
so
so
now
I
can
do
cap
or
I'll
just
do
Q
control
apply
a
chef
below
task.
B
A
A
A
A
A
A
All
right
so
we'll
just
leave
this
running
in
the
background
here
and
we'll
see
what's
happening.
So
one
of
the
things,
if
you
all
are
up
to
it,
I'd
love
to
see,
there's
a
plug-in
model
for
for
octant
I'd
love
to
see
us
having
like
things
like
a
Tecton
specific
set
of
plugins
for
octant,
which
would
be
really
really
cool,
Oh
Jason,
saying,
hey
started
looking
at
that
already
graph
is
support
out
of
the
box
and
all
that
yeah.
So
that's
super
cool,
okay,
but
we're
that
I
have
this
done.
A
We
can
look
at
the.
If
we
have
time
we
can
look
at
the
Tecton
dashboard.
Okay,
but
now
I
can
do
a
cube.
Control
applied
a
chef,
hello
tasks,
Ron
yeah
mo
so
this
created
it
and-
and
we
can
look,
they
task
runs
all
right,
so
status,
okay
and
we
got
there's
the
tasks
run,
which
is
actually
we
have
some
pods.
Those
pods
are
orange,
so
something
weird
is
going
on.
We're
probably
downloading
a
boot
to
image.
Well
bottom
of
the
terminal
is
cut
off.
Okay.
Let
me
go
back
sorry
about
that.
A
Oh
you
know
that
happens
when
I.
When
I
created
the
new
tab,
so
so
I
use
this
Mac
utility
called
moom
and
I
have
a
I
have
a
quick
key
for
essentially
shrinking
the
window
just
so
it
works
just
right
for
for
kubernetes
I
referred
TGI,
K,
okay,
so
we
have
this
okay,
it's
succeeded
and
we
have
an
event
that
goes
with
it.
A
This
is
actually
really
cool
and
then,
if
we
want
to
look
there's
the
resource
viewer
in
the
relationship-
and
what
we
can
see
here
is
that
the
yamo
says
has
a
condition
called
succeeded.
That's
set
to
true,
and
so
this
actually
is
really
interesting,
and
this
is
something
I
want
to
call
attention
to.
This
is
some
of
the
duck
typing
type
of
stuff.
A
Okay,
here's
the
steps
out
of
each
of
these
things
that
are
completed
when
they
actually
completed
and
and
I.
Think.
If
we
go
back
to
to
the
tutorial
there,
we
have
the
output.
Now
one
of
the
things
that
I
know
you
all
spend
a
lot
of
time
on
is
how
do
you
actually
get
logs
of
these
things,
but
I
think
maybe
pipelines?
A
A
Get
grep
pod
name,
okay,
so
then
we
just
go
through
and
we
actually
sort
of
look
at
the
logs
and
you
get
this
specific
container.
So,
let's
see
if
we
can
actually
see
that
from
octant,
so
we
can
go
through
you.
Look
at
the
resource.
Viewer
find
the
we
don't
hyper
link
to
this
Brian,
so
we
have
a
pod
there.
A
B
A
A
B
A
A
A
A
A
Okay,
I
get
what's
going
on
here.
This
is
fascinating,
alright.
So
what
we
have
is
that
there's
a
there's
a
lot
of
stuff
there's
a
lot
of
magic
going
on
here,
but
basically
what
happens
is
each
of
the
containers
they
they
inject
some
binaries
into
this
via
volume
mount
and
then
they
essentially
use
utilities
from
that
volume
to
be
able
to
coordinate
sort
of
startup
of
things
across
different
containers,
and
so
we
see
well
I,
don't
know.
So.
Where
does
builder
tools
come
from?
A
B
A
That's
that's
a
little
bit.
That's
a
little
bit
of
magic
going
on
there
really
looking
I
really
look
to
see
how
the
sausage
is
made.
Then
Christy
is
going
to
be
given
a
cube.
Con
talk
to
actually
digging
a
little
bit
deeper.
So
this
is
why
I'm
guessing
y'all
are
using
the
abouttwo
container
instead
of
something
like
the
Alpine
container,
because
you
probably
want
to
assume
that
you
have
some
stuff
in
the
in
the
image,
which
is
something
I
was
wondering:
okay,
so,
okay.
So
the
thing
that
we're
seeing
here
is
out.
A
Okay,
Jason
is
saying
that
Alpine
works
to
everything
we
need
is
populated
by
the
ethnic
container,
so
yeah.
So
that's
really
clever.
I
think
it
speaks
to
how
flexible
kubernetes
is
and
I
don't
know
if
that's
a
good
thing
or
a
bad
thing,
but
that's
pretty
cool
okay.
So
so
we
got
logs
we're
good
and
we
can
continue
on
with
the
tutorial
here.
A
A
For
example,
tasks
could
fetch
it
source
code
from
github
repository
and
build
a
docker
image
from
it.
Pipeline
resources
are
used
to
define
the
artifacts
can
be
you
pass
in
and
out
of
a
task.
There
are
a
few
system
to
find
resources.
Types
ready
to
use
the
git
resource
represents
a
git
repository
with
a
specific
version.
A
Let's
see,
but
if
we
have
a
UI
functional
test,
CITV
pom
and
we
need
a
kind
virtual
machine
with
VNC.
Ok,
so
here's
something
interesting,
we're
looking
at
doing
something
like
cube
vert
as
as
actually
being
a
resource
that
you
can
orchestrate
for
VMs
and
so
yeah
I
think
launching
and
managing
VMs
is
PI
to
the
part
of
these
things
is
not
totally
crazy,
either.
A
A
A
A
A
A
A
Can
you
all
see
this?
Is
this
big
enough
for
y'all?
Let
me
know
if
this
is
too
small
to
read,
so
we
have
a
task
and
that
task
has
inputs.
Okay,
so
one
input
here
is
the
thing
called
docker
source
of
type
yet,
and
so
I
want
to
look
at
the
artifact
again,
so
the
type
is
so
so.
The
CRD
is
just
pipeline
resource,
but
there's
a
type
there,
so
we
don't
actually
have,
and
then
these
things
end
up
being
just
key
value,
pairs
and
stuff.
Okay,
so
this
is.
A
This
is
like
a
subtype
I
mean
you
could
also
go
down
the
path
where
you
create
a
CR,
deeper
type
of
resource,
but
I
think
that
becomes
problematic
when
you
want
people
to
be
able,
define
new
things,
and
you
really
need
sort
of
cluster
admin
to
define
new
CR
DS.
So
so
this
is
a
duck
typing
type
of
thing.
A
Perhaps
yeah
I
think
this
is
a
place
where
you
can
use
duck
typing
or
you
could
either
have
this
generic
pipeline
resource
or
you
could
have
more
strongly
type
things
that
follow
patterns
that
you
can
use
all
right.
So
so
we
have
the
build
image
task.
Actually,
let's
rename
this
can
I
rename
it
to
build
image
task.
A
A
A
A
Don't
we
did
an
episode
of
Conoco
essentially
goes
through
and
and
makes
it
more
explicit
what
that
context
is,
and
so
this
is
the
context
that
you're
using
I
assume
that
this
will
actually
sort
of
tar
this
thing
up
here
and
then
it
outputs
an
image.
And
then
the
steps
here
on
the
tasks
are
build
and
push
where
we
are.
A
A
Maybe
that's
in
the
run,
I,
don't
know
and
then
command
we're
gonna
just
execute
conte
and
then
inputs
params,
okay,
so
this
sort
of
interpolation
syntax.
This
is
something
that
cube
control,
I
believe
does
where
we're
actually
pulling
the
params
through
or
no.
This
has
to
be.
This
has
to
be
a
task
specific
thing:
I,
don't
think.
Kubernetes
knows
how
to
interpolate
that
yeah.
So
Jason
saying
that
the
tutorial
is
missing,
setting
up
the
creds
Jason.
A
I'm
happy
to
actually
quickly
go
through
and
actually
create
a
service
account
and
get
that
into
a
secret,
and
do
that
when
you
all
aren't
looking
alright.
So
these
are
the
the
inputs
and
the
outputs,
so
you
can
essentially
use
those
as
arguments
in
your
steps,
which
is
cool.
This
is
very
it's
interesting.
This
is
very
Google,
asked
to
actually
add
more
and
more
stuff
as
command
line
flags,
whereas
I
think
a
lot
of
folks
outside
of
Google
would
actually
do
this
stuff
using
just
there's.
B
A
Of
stuff
outside
of
Google
that
that
would
use
environment
variables,
okay,
so
let's
go
through,
and
then
we
have
a
task
run
here
and
we'll
see
what
we're
missing
out
of
the
tasks
run
and
how
we
actually
bind
all
this
stuff
together.
So
a
new
file
build
image
task,
Ron,
gamal,
so
tasks
run
the
resource.
Here's
where
we
actually
bind
in
scaffold
get-
and
we
say:
okay,
the
path
to
the
docker
file.
A
Then
the
output
is
going
to
be
the
resource
that
we
had
here
that
we
already
defined.
So
this
is
our
output
resource
yeah.
It's
so
understanding
like
the
the
secrets
flow
through
this
actually
gets
really
really
complicated.
Okay,
so,
basically
create
a
service
account,
give
it
a
secret
annotate
this
as
a
docker
cred
and
then
run
then
run
the
task
run
as
the
service
account.
Okay,
so
let's
go
through
and
will
fumble
our
way
through
this
cube
control
create
sa
task
run.
A
So
we
have
that
service
account.
I
have
to
create
a
secret.
So
let
me
go
through
and
GCR
dockers
kubernetes
secret
and
see
if
I
can
find
the
way
using
GCR
with
some
random
container
solutions.
Well,
look.
We
have
a
hefty
Oh
thing
here.
We
wrote
this
awhile
ago.
This
may
be
out
of
date,
so
create
an
image
pool
secret
container.
A
A
A
A
A
Let
me
talk
about
how
what
I
think
about
GCR
I
am
I
mean
you
know
nobody's
in
love
with
AWS
I
am
but,
like
my
god
at
least
like
you
know:
ok,
filter
registry,
nope,
GE,
CR,
nope
that
I
have
to
be
okay,
so
now
GC
r
is
actually
I.
Think
so
now,
I'm
like
okay,
GCS
role
for
GC
our
project
editor
nuclear
option.
I
know
right
like
configuring,
access
control
for
GTR
and
I.
A
Think
okay,
you
just
need
essentially
storage
admin
for
this
stuff,
and
this
comes
back
to
the
history
of
the
way
that
GC
r
is
actually
backed
by
cloud
storage,
storage,
admin
which
is
sucks
because
I
actually
only
want
to
do
it
for
a
particular
bucket,
but
with
EWS
I
am.
I
can
actually
restrict
this
as
with
a
policy
document
that
at
least
I
know
how
to
write.
But
ok,
I'm
sorry
youtube
is
not
sending
my
messages
that
have
links
in
them.
I'm
not
seeing
them.
I'm
sorry
Christy!
A
A
A
A
A
Skips
history,
if
you
start
a
command
with
the
blank
space
before
the
command?
Oh,
that's
a
good
tip
I
like
that.
That's
cool!
Alright!
So
there
we
go
now.
I
have
a
service
account?
Okay!
Now
the
question
is:
how
do
I
actually
go
through
and
actually
say,
I
want
to
use
that
service
account
in
a
build
image
tasks
run.
Is
it
some
tasks
run?
Is
there
a
way
to
actually
say.
A
A
A
A
A
A
A
A
Okay,
so
this
is
the
thing
okay,
so
this
is
my.
So
this
is
one
of
the
things
I'm
struggling
with
right
here
is
that
I
don't
understand
the
schema
for
whether
this
s,
this
secret
should
show
up
in
tasks
or
tasks.
Ron
I'm,
assuming
it's
tasks
run,
but
it
could
be
tasks
also,
but
I'm,
assuming
it's
tasks
run
and,
in
any
case
we're
actually
looking
at
docker
config
here
in
builder
home
got
docker
I'm
wondering
how
do
we
actually?
A
What
is
the
right
format
there
and
how
do
I
inject
that,
using
using
tech
time
if
you
annotate
the
figure
with
the
docker
annotation
use
essay
in
your
tasks,
run
Tecton
will
prepend
steps
in
jet
creds
as
the
docker
config
JSON
to
your
workspace.
So
tasks
run
okay,
so
each
step
is
a
container
spec.
Okay,
so
I
have
the
essay
set
up
I?
Have
it
set
up
with
the
docker
with
the
with
the
the
registry
credentials?
I
just
need
to
use
the
essay
to
configure
the
tasks
run.
A
A
A
A
Err
when
listening
tasks
retire
and
build
doctor
image
from
good
source,
that's
run
billdocker
image
from
get
source
not
found.
Did
I
not
install
the
task?
Cube
control,
applied
a
low,
build
image
test.
I,
know
I.
Think
I
forgot
to
do
that.
Okay,
so
now,
will
this
thing
actually
is
this
thing
like
hey
I'm
done
or
succeeded
false?
So
this
is
a
terminal
condition.
It
won't
try
and
resolve
so
cube.
Troll
get
runs
so
cute
control,
delete
tasks,
run.
A
A
A
A
A
Touch
github
commit
ID
and
all
that
okay,
so
this
thing
knows
how
to
like:
okay,
so
we're
grabbing
scaffold,
we
were
able
to
create
the
dur
for
the
built
image.
There's
a
lot
of
convention
going
on
here,
I
think
one
of
the
things
I'd
love
to
see
is
like
talk
about
sort
of
like
what
are
the
different
objects
and
sort
of.
What
is
the
convention
mean
around
this
because
there's
like
magic
happening
like
oh,
when
I
specify
a
git
source,
then
that
means
that
XYZ
gets
injected?
How
do
we
extend
that?
Is
that
extensible?
A
A
A
You
must
also
add
to
the
secret
is
the
fact
that
is
for
dr.
with
an
annotation
saying
it
is
for
doctor
yeah,
so
I
used
that
so
I'm
gonna
flash
this
on
the
screen
and
y'all
can
like
push
stuff
to
my
registry.
But
if
I
do,
can
it
go
secret
here?
You'll
see
that
this
is
a
service
account
here?
Oh,
that's
that
one
okay,
cute
control
get
sa
no
get
secret.
A
And
here
you
can
see
that
this
thing
is
a
docker
config
JSON,
that's
been
basic,
ste
4,
encoded
again
copy
it
off.
My
screen
and
type
is
docker
config
JSON.
So
it
should
know
how
to
do
that.
So
I
have
okay.
So
what
I
have
here
is
I.
Have
a
image,
pull
secret,
that's
in
the
right
format
and
marked
as
such.
I
have
that
set
as
an
image
pool
secret
in
the
service
account
and
then
I.
Have
that
service
account
hooked
up
through
Tech
time?
Do
I
maybe
have
to
let
me
try
cube
control.
A
A
Credential
initializer
apparently,
but
like
we
can
do
step,
building
push
okay,
downloading
the
base
image.
So
now,
are
you
all
thinking
about
like
hey?
Can
we
opportunistically
have
a
bunch
of
artifacts
for
doing
things
like
caching
base
images
and
stuff
thinking
about
like
the
idea
of
having
sealed
artifacts,
where
it's
like
hey?
This
is
something
that
is
read-only
after
it's
actually
created
for
things
like
I
could
see
like
a
whole
bunch
of
like
optimizing
around
artifacts
and
making
sure
that
you're,
not
downloading
or
up
downloading
stuff
as
much.
What
would
be
would
be
good
so.
A
A
And
we'll
see
what
happens
here
and
then
we're
running
out
of
time
here
so
well.
If
this
doesn't
work,
then
I'll
just
say:
hey,
you
know
configuring
secrets
and
connections
and
image.
So
this
is
the
type
of
stuff.
When
everybody
deals
with
this,
they
just
bang
their
head
against
the
wall,
it's
all
fun
and
games
until
you
have
to
store
to
get
all
this
configuration
set
up
and
so
I
think
you
know
you
know
definitely.
A
You
know
making
that
be
as
straightforward
as
possible.
That's
definitely
gonna
be
something
that
I
think
folks
are
going
to
struggle
with
and
then
being
able
to
did
it
work
pushed
blob,
woohoo,
alright.
So
now,
if
we
go
through
here
and
if
I
can
find
it
wherever
the
heck,
this
is
in
the
like
Google.
A
B
A
There
we
go
alright,
so
if
things
went
as
planned,
Leroy
that
it
worked,
we
have
an
image,
six
point:
six
megabytes
we
built
it.
We
push
it
awesome,
alright.
So
that's
super
exciting.
That's
very,
very
cool,
alright!
So
sorry
that
that
ended
up
being
so
hard
because
I
feel
like
we
haven't
even
gotten
to
pipelines
yet
but
I
think
understanding
tasks,
inputs,
outputs
and
like
how
you
configure
those
I
think
is
super
interesting.
A
A
This
needs
a
visualization,
obviously
now
I
haven't
looked
at
like
this
starts
to
get
very
similar
to
things
like
Argo
and
I
would
love
to
like,
compare
and
contrast
what
I
haven't
looked
at
our
going
forever,
so
I'd
love
to
see
some
of
the
decisions
made
with
Tecton
versus
Argo
and
actually
see
what's
happening
here,
but
so
what
we
have
here
is
I
just
want
to
understand
what's
going
on
here,
so
this
is
a
pipeline.
So
the
first
thing
we're
gonna
do
is
build,
build
and
push
the
image.
A
Okay,
and
then
we
have
another
thing
which
is
deploy
web
to
web,
which
essentially
is
you
have,
let's
say,
a
deployment,
yeah
Mille
and
then
and
then
essentially
the
the
thing
that
we
want
to
modify
and
slam
in
there.
So
the
parameter-
and
the
name
of
the
image
of
this
is
a
task.
We
have
to
find
this
task,
so
this
task
actually
takes
deploy
using
cube
control.
We
actually
have
a
git
source
for
the
yeah
memo.
We
have
the
name
of
the
image
and
we
have
the
image
that
we're
using
the.
A
So
this
isn't
something
that's
interesting.
So
we
have
the
image
here.
This
is
modeled
as
a
resource,
but
also
like
is
that
it's
a
read-only
resource,
that's
essentially
a
string.
So
in
some
ways
this
is
a
pram
also,
so
I
think
you
know
I
think
it's
also
interesting
like
like,
like
params
versus
resources,
there's
a
subtlety
there
when
they're
small
enough
that
they're
essentially
just
strings,
and
so
that's
something
that's
interesting.
So,
okay,
so
now
we're
actually
going
through.
A
We
have
like
you,
we're
doing
a
little
bit
of
like
yeah
mo
mangling,
and
then
we
have
run
cube
control.
That's
actually
going
to
apply
this
stuff
and
then
obviously,
if
you're,
using
something
like
customizer
cap
or
whatever,
that's
like
a
templating
and
apply
thing,
you
could
actually
do
it,
then
also
these
things
are
actually
reusing.
Let's
see
so
we
have
the
Y
ammo
path
to
image,
so
the
the
inputs,
params
path
path,
is
the
path
to
the
manifest
to
apply.
A
This
thing
is
essentially
editing
that
thing
in
place,
but
I
assume-
and
this
is
again
like
there's
an
execution
context
for
things
in
a
task
where
they
can
actually
share
data
between
them.
What
that
path,
like
there's
a
bunch
of
path
names
in
here
that
feel
very
magic
to
me,
understanding
the
environment.
That's
actually
going
in
with
this
stuff
would
be
super
interesting
to
me
and
then
just
and
then
we
do
the
run
and
we're
saying.
Okay,
scaffold
get
so
we're
reloading.
That
gets
we
end
up.
A
Okay
and
then
we
have
deploy
a
workspace
source
examples
mike
rizzo
yeah,
so
like
where
different
things
get
mounted
in
is
something
that
like
like,
where
does
workspace
source
examples
like
what
is
workspace
and
how
does
that
relate
to
the
git
repo
right,
because
I
think
this
is
coming
from
the
git
repo
and
what
is
the
rewrite
model
for
that
stuff?
And
what,
if
I,
have
multiple
git
repos
coming
in?
Do
they
actually
be
source
one
and
source
2?
Ok,
so
the
input
name
food
gets
mounted
into
food
okay.
A
So
this
is
source
repo
here,
ok
and
then
I
see
so
that's
the
resource,
oh
and
then
in
the
tasks
the
input.
So
these
are
actually
kind
of
volumes
really
and
then
here
here
we
have
an
input.
So
the
fact
these
are
called
the
inputs
and
not
volumes,
but
they
get
mounted
in
a
specific
place.
That's
a
little
bit
confusing
ok,
but
this
source
matches
up
with
this
source.
A
A
A
Ok,
but
I
think
I
understand
sort
of
this
gets
this
gets
mounted
in
and
it's
a
resource
and
then
the
resources
that
don't
get
volume
mounted
those
things
feel
like
they're
kind
of
config
parameters
really,
and
so
that's
one
of
the
things
like
there's
a
subtlety
between
artifact
and
and
config
here,
but
now
we're
going
through
and
we're
actually
doing
a
and
we
have
Lakis
kubernetes,
cube
control
thing
and
we're
actually
doing
an
apply
there.
And
then
this
is
a
summing.
This
is
assuming
that
you're
just
reusing
your
default
service
account.
A
So
if
you
build
an
image,
a
task
that
gets
the
image
from
that
image
should
be
able
to
access
the
exact
image
that
was
built
by
digest.
Oh
I
see
so
one
of
the
things
that
goes
into
the
artifact
is
the
actual
digest
that
got
built
so
that
you
can
actually
make
sure
that
you
don't
get
any
skew
when
you
have
a
bunch
of
these
things.
Working
in
parallel
right.
A
You
miss
configure
multiple
pipelines
and
they're
all
building
the
same
image
and
then
your
reference
in
that
image
based
on
a
label
versus
based
on
a
digest.
They
could
actually
talk
past
each
other
and
you
could
get
not
hermetic
results,
okay,
so
that
makes
sense
and
then
okay
and
then
that
from
says
I'm
actually
like
I,
want
to
make
sure
that
I
don't
get
version
skew
when
I'm
doing
stuff,
like
that,
I.
A
Mean
another
way
to
look
at
this
is
that
you
could
do
some
sort
of
resource
log
right
if
for
Reece,
if
you
know
hey,
if
I'm
using
a
resource
in
a
read,
write
mode,
I
can
make
sure
that
only
one
pipeline
is
using
that
at
a
time.
But
then
you
have
to
start
thinking
about
critical
sections
through
your
pipeline
around
actually
taking
a
lock
on
a
particular
resource
across
a
set
of
steps.
So
that
would
be
another
way
that
I
would
actually
be
thinking
about
doing
this.
A
All
right
pipeline
run
boom
boom
boom
I,
don't
think
we
gonna
be
able
to
get
through
all
this,
but
I
think
that
gives
us
a
good
overrun
of
this
very
cool
and
then
there's
so
much
more
to
explore
because,
like
we
go
here
and
we're
like
I
didn't
get
a
plane
chance
to
play
with
the
the
command
line.
We
didn't
talk
about
the
dashboard
event
triggering
what
these
things
ends
up
being
really
interesting,
because
this
is
where
this
starts
actually
overlapping
with
serverless
stuff.
A
When
you
want
to
actually
hook
this
stuff
up
to
a
to
a
trigger,
you
know,
can
one
of
the
things
that
I'd
love
to
see
is
that
like
do
pipelines
themselves,
actually
have
inputs
and
outputs?
What
is
the
scheme
of
a
pipeline?
So
can
we
actually
create
some
sort
of
duck
typing
between
pipelines
and
tasks,
where
I
can
actually
run
a
task
for
a
pipeline,
but
they
both
have
inputs
and
outputs?
A
How
do
I
actually
specify
that
when
I
have
a
trigger,
if
I
hook
this
up
to
an
H,
2
DP
trigger
or
whatever,
how
do
I
pipeline?
How
do
I
actually
do
the
the
inputs
and
outputs
into
the
pipeline?
So
that's
some
of
the
stuff,
that's
interesting,
a
standard
catalog
of
tasks
and
pipelines
so
that
it's
easier
to
find
these
things.
It
looks
like
there's
a
lot
here,
so
you're
not
actually
going
through
and
recreating
this
stuff
from
scratch,
and
then
you
know
there's
a
lot
of
llamo
wrangling
and
references
and
stuff
like
that.
A
All
right
so
overarching
thoughts.
Is
that
I
really
like
the
project?
I?
Think
there's
a
lot
to
like
here.
I
would
love
to
dig
in
and
understand,
sort
of,
compare
and
contrast
with
our
ago
and
I
did
definitely
see
in
the
in
the
let's
see
where
we
go
in
the
there's.
The
the
operator
for
installing
and
managing
the
thing,
but
in
the
catalog
I
definitely
did
see
that
there's
like
an
Argo
CD
thing
so
like
maybe
you
can
do
some
stuff
and
actually
have
these
things
work
with
each
other,
which
I
think
is
really
interesting.
A
Having
this
line
up
with
the
eventing
models
that
are
being
built
up,
whether
it
be
cloud
events
or
or
you
know,
the
other
stuff
happening
in
inkay,
native
or
other
eventing
models,
I
think
is
really
really
interesting.
I'd
love
to
see
this
stuff
actually
be
more
less
Google
centric
because
like
when
I
was
looking
at
the
the
set
up
here,
you
know
like
I,
look
at
in
the
install
instructions.
It's
like
you
can
either
do
Peavey's
or
GCS,
like
you
know
what
about
s3?
What
about
like?
A
A
You
know
the
concurrency
model
getting
more
more
clear
about
sort
of
like
how
concurrency
works
when
you
actually
have
multiple
things
operating
on
the
same
cluster
is
actually
really
interesting.
Also,
so
very
very
cool
I
think
I'm
totally
running
down
the
clock
here.
Thank
you,
everybody
for
joining
up.
Thank
you
so
much
to
the
to
the
Tecton
team
for
actually
staying
up
late,
because
I
know
a
lot
of
y'all
are
on
the
East
Coast,
or
at
least.
A
A
You
know,
I,
don't
know
if
Duffy
and
others
have
ideas
that
they
want
to
look
at
I'm,
definitely
interested
in
looking
at
queue,
which
is
a
config
language,
similar
in
some
ways
to
JSON
it
a
lot
of
interesting
stuff
going
on
there.
If
you
got
you
know,
Duffy's
doing
this
series
where
he
just
digs
deep
into
kubernetes
concepts
and
really
explores
them.
If
you
all
have
ideas
on
what
you
would
like
to
see,
four
episodes
reach
out
on
Twitter
or
you
can
go
into
the
the
TGI
K
repo.
A
It's
hep
do
/t
GI
k
on
github
we're
going
to
be
moving
that
over
probably
I
think
we
have
to
figure
out
when
and
how
and
the
mechanics
of
it
we're
gonna
be
moving
that
over
to
a
tendu
repo
pretty
soon
so
a
lot
of
fun
stuff.
There's
a
lot
more
to
play
with
here.
I
feel,
like
I,
only
scratched
the
surface
with
Tecton,
but
thank
you
everybody
for
joining
me
and
I
hope
you
have
a
great
weekend.
I'll
see
you
all
later.